<?php include "templates/header.php"; 
    if(isset($_POST['add_new_user']) && $_POST['add_user_pwd'] == $_POST['add_user_pwd_rpl']){
            $login = addslashes(trim($_POST['add_user_login']));
            $pwd = md5(addslashes(trim($_POST['add_user_pwd'])));
            $insert_fields = array("login" => $login, "password" => $pwd);
            mysql_insert('user', $insert_fields);
    }
    if(isset($_POST['update_password']) && $_POST['upd_user_pwd'] == $_POST['upd_user_pwd_rpl']){
            $upd_fields = array("password" => md5(addslashes(trim($_POST['upd_user_pwd']))));
            mysql_update('user', $upd_fields, $_POST['upd_user_id']);
    }
    if(isset($_POST['change_su_pwd']) && $_POST['new_password'] == $_POST['new_password_reply']){
            $upd_fields = array("password" => md5(addslashes(trim($_POST['new_password']))));
            mysql_update('user', $upd_fields, $_POST['change_su_id']);
    }
    if(isset($_POST['delete_user'])){
        mysql_delete('user', $_POST['delete_user']);
    }


    $users = mysql_select_array("SELECT * FROM `user` WHERE `status` = 'u'");
    $su = mysql_row_assoc("SELECT * FROM `user` WHERE `status` = 'su'");
?>
<div style="margin: 10px auto; width: 300px; min-height: 100px;  text-align: center;">
    <form action="" method="post">
        <input type="hidden" name="change_su_pwd" value="1" />
        <input type="hidden" name="change_su_id" value="<?=$su['id'];?>" />
        <?=$su['login'];?><br /><br />
        Новый пароль:<br />
        <input style="width: 80%;" type="password" name="new_password" /><br />
        Еще раз:<br />
        <input style="width: 80%;" type="password" name="new_password_reply" /><br />
        <input style="margin: 10px auto; " type="submit" value="поменять пароль" />
    </form>
</div>
<hr />
<?if($users):?>
<table border="0" style="width: 70%; margin: 10px auto; text-align: center;">
    <tr><td colspan="4">Изменить пароль пользователя</td></tr>
    <tr>
        <td>Логин</td>
        <td>Новый пароль</td>
        <td>Еще раз</td>
        <td></td>
    </tr>
    <?  foreach ($users as $key => $user):?>
    <tr>
        <form action="" method="post">
            <td>
                <input type="hidden" name="update_password" value="1" />
                <input type="hidden" name="upd_user_id" value="<?=$user['id'];?>" />
                <?=$user['login'];?>
            </td>
            <td><input type="password" name="upd_user_pwd" style="width: 220px;" /></td>
            <td><input type="password" name="upd_user_pwd_rpl" style="width: 220px;" /></td>
            <td><input type="submit" value="Обновить" /></td>
        </form>
            <td><form action="" method="post" style="margin:0;"><input type="hidden" name="delete_user" value="<?=$user['id'];?>" /><input type="submit" value="удалить" /></form></td>
    </tr>
    <?  endforeach;?>
</table>
    
<hr />
<?endif;?>
<div style="width: 100%; text-align: center;">
    Добавить нового пользователя<br /><br />
    <form action="" method="post">
        <input type="hidden" name="add_new_user" value="1" />
        Логин:&nbsp;<input type="text" name="add_user_login" style="width: 220px;" />&nbsp;
        Пароль:&nbsp;<input type="password" name="add_user_pwd" style="width: 220px;" />&nbsp;
        Еще раз:&nbsp;<input type="password" name="add_user_pwd_rpl" style="width: 220px;" />&nbsp;
        <input type="submit" value="add user" />
    </form>
</div>